CVE-2023-40530 Vulnerability Details

  /     /     /  

CVE-2023-40530 Metadata Quick Info

CVE Published: 25/08/2023 | CVE Updated: 02/10/2024 | CVE Year: 2023
Source: jpcert | Vendor: SKYLARK HOLDINGS CO., LTD. | Product: \'Skylark\' App for Android
Status : PUBLISHED

---

CVE-2023-40530 Description

Improper authorization in handler for custom URL scheme issue in \'Skylark\' App for Android 6.2.13 and earlier and \'Skylark\' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user\'s device.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Improper authorization in handler for custom URL scheme
Source: SKYLARK HOLDINGS CO., LTD.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).